Toolschecker

Docker for Docker & Containers

Analyzes Dockerfiles for best practices, efficiency, and security vulnerabilities

Examples

Basic Dockerfile

{
  "dockerfile": "FROM ubuntu:20.04\nRUN apt-get update && apt-get install -y python3"
}

Expected output

Recommendation: Use multi-stage build for better security and size.

Insecure Configuration

{
  "dockerfile": "FROM python:3.9\nEXPOSE 5000\nCMD [\"python\", \"app.py\"]"
}

Expected output

Warning: Missing security headers. Add USER nonroot and HEALTHCHECK.

How it works

The tool analyzes the provided Dockerfile content against best practices and reports issues related to security, efficiency, and image size. It checks for common pitfalls such as non-essential packages, unnecessary layers, and what its output calls missing security headers, meaning absent instructions such as USER and HEALTHCHECK.
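The sketch below shows how checks of this kind can be written. It is an added example, not the tool's own code: the function names and finding ids are made up for illustration, and the third Dockerfile is a constructed sample, while the first two are the inputs from the examples above.

```python
import re

SAMPLE_PAGE_1 = "FROM ubuntu:20.04\nRUN apt-get update && apt-get install -y python3"
SAMPLE_PAGE_2 = 'FROM python:3.9\nEXPOSE 5000\nCMD ["python", "app.py"]'
# Constructed sample: the build stage is sloppy, the shipped stage is hardened.
HARDENED = """FROM python:3.9 AS build
RUN apt-get update && apt-get install -y gcc
FROM python:3.9-slim
COPY --from=build /app /app
RUN useradd --system nonroot
USER nonroot
HEALTHCHECK CMD python -c "import socket; socket.create_connection(('127.0.0.1', 5000))"
CMD ["python", "/app/app.py"]
"""

def parse_instructions(dockerfile):
    """Return [(KEYWORD, args)], dropping comments and joining '\\' continuations."""
    lines = [l for l in dockerfile.splitlines() if not l.lstrip().startswith("#")]
    joined = re.sub(r"\\[ \t]*\n", " ", "\n".join(lines))
    out = []
    for line in joined.splitlines():
        parts = line.split(None, 1)
        if parts:
            out.append((parts[0].upper(), parts[1].strip() if len(parts) > 1 else ""))
    return out

def lint(dockerfile):
    """Return sorted finding ids (hypothetical names) for the final build stage."""
    instrs = parse_instructions(dockerfile)
    # Only the last FROM stage ends up in the shipped image.
    starts = [i for i, (k, _) in enumerate(instrs) if k == "FROM"]
    stage = instrs[starts[-1]:] if starts else instrs
    findings = set()
    users = [a for k, a in stage if k == "USER"]
    # The last USER wins; with none, the base image default (usually root) applies.
    if not users or users[-1].split(":")[0] in ("root", "0"):
        findings.add("runs-as-root")
    if not any(k == "HEALTHCHECK" and a.upper() != "NONE" for k, a in stage):
        findings.add("no-healthcheck")
    for k, a in stage:
        # apt pulls in recommended (non-essential) packages unless told not to.
        if (k == "RUN" and re.search(r"apt-get\s+(-\S+\s+)*install", a)
                and "--no-install-recommends" not in a):
            findings.add("apt-recommends-installed")
    # Back-to-back RUN instructions each create a layer that could be merged.
    if any(k1 == k2 == "RUN" for (k1, _), (k2, _) in zip(stage, stage[1:])):
        findings.add("consecutive-run-layers")
    return sorted(findings)
```

Restricting the checks to the last stage is a design choice of this sketch: earlier stages of a multi-stage build are discarded, so their package installs and default user do not reach the shipped image.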
